Commit Graph

48618 Commits

Author SHA1 Message Date
Rafael dos Santos Silva
107a4da71b
Backport Nokogiri to stable for Ruby 3.2 (#20417)
* Build(deps): Bump nokogiri from 1.13.10 to 1.14.0 (#19856)

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.10 to 1.14.0.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.10...v1.14.0)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Build(deps): Bump nokogiri from 1.14.0 to 1.14.1 (#20079)

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.14.0 to 1.14.1.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.14.0...v1.14.1)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Build(deps): Bump nokogiri from 1.14.1 to 1.14.2 (#20272)

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.14.1 to 1.14.2.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.14.1...v1.14.2)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-22 13:13:07 -03:00
Discourse Translator Bot
563fa14a89
Update translations (#20390) 2023-02-21 17:10:42 +01:00
Discourse Translator Bot
f58bca13d8
Update translations (#20284) 2023-02-15 11:24:44 +01:00
Discourse Translator Bot
f000f9c6ae
Update translations (#20194) 2023-02-07 14:37:15 +01:00
Andrei Prigorshnev
ded6aed15e
FIX: avoid race condition when setting user status (#19817) (#20182)
This is a backport of 84e13e9.

We caught it in logs, race condition led to this error:

    ActiveRecord::RecordNotUnique 
    (PG::UniqueViolation: ERROR:  duplicate key value violates unique constraint "user_statuses_pkey"
    DETAIL:  Key (user_id)=(15) already exists.)


The reason the problem happened was that we were checking if a user has status and if not inserting status:

    if user_status
      ...
    else
      self.user_status = UserStatus.create!(status)
    end

The problem is that it's possible that another request will insert status just after we check if status exists and just before our request call `UserStatus.create!(status)`. Using `upsert` fixes the problem because under the hood `upsert` generates the only SQL request that uses "INSERT ... ON CONFLICT DO UPDATE". So we do everything in one SQL query, and that query takes care of resolving possible conflicts.
2023-02-06 20:32:45 +04:00
Discourse Translator Bot
4395efc188
Update translations (#20184) 2023-02-06 16:50:11 +01:00
Keegan George
a409924425 FIX: Failing system spec for rate limited search (#20046) 2023-02-01 19:05:58 -08:00
Sam
1856ea83ec FEATURE: rate limit anon searches per second (#19708) 2023-02-01 19:05:58 -08:00
Alan Guo Xiang Tan
42d2cb2d4e
SECURITY: Hide PM count for tags by default (#20061) (#20090)
Currently `Topic#pm_topic_count` is a count of all personal messages tagged for a given tag. As a result, any user with access to PM tags can poll a sensitive tag to determine if a new personal message has been created using that tag even if the user does not have access to the personal message. We classify this as a minor leak in sensitive information.

With this commit, `Topic#pm_topic_count` is hidden from users by default unless the `display_personal_messages_tag_counts` site setting is enabled.
2023-02-01 06:43:58 +08:00
Discourse Translator Bot
a9f762550d
Update translations (#20102) 2023-01-31 15:21:19 +01:00
Jarek Radosz
df70c8bf1c FIX: Don't spam presence requests when getting 429 (#20084)
The presence service would retry `/presence/update` requests every second (or immediately in tests) in case where server returns 429 (rate limit) errors. That could lead to infinite spamming (until user refreshed tab/tabs)

Co-authored-by: David Taylor <david@taylorhq.com>
2023-01-31 14:04:21 +01:00
Jarek Radosz
78fe2656b4 DEV: Convert presence service tests to actual unit tests (#20076) 2023-01-31 14:04:21 +01:00
Arpit Jalan
29805b32ef
DEV: Move back to web-push gem (#19849) (#20091)
Our fork was needed for OpenSSL 3 and Ruby 2.X compatibility.

The OpenSSL 3 part was merged into the gem for version 3.

Discourse dropped support for Ruby 2.X.

That means we don't need our fork anymore.

Co-authored-by: Rafael dos Santos Silva <xfalcox@gmail.com>
2023-01-31 14:54:04 +05:30
David Taylor
8c97ae76e7
DEV: Fix GitHub CI permissions issues (stable) (#20093)
The `git` version in our discourse_test docker image was recently updated to include a permissions check before running any git commands. For this to pass, the owner of the discourse directory needs to match the user running any git commands.

Under GitHub actions, by default the working directory is created with uid=1000 as the owner. We run all our tests as `root`, so this mismatch causes git to raise the permissions error. We can't switch to run the entire workflow as the `discourse (uid=1000)` user because our discourse_test image is not configured to allow `discourse` access to postgres/redis directories. For now, this commit updates the working directory's owner to match the user running the workflow.
2023-01-31 09:06:56 +00:00
David Taylor
a3b01eaa62
FIX: Ensure anon-cached values are never returned for API requests (stable) (#20022)
Under some situations, we would inadvertently return a public (unauthenticated) result to an authenticated API request. This commit adds the `Api-Key` header to our anonymous cache bypass logic.
2023-01-30 14:42:51 +00:00
Bianca Nenciu
4571b10ee5
Version bump to v3.0.1 (#20010) 2023-01-25 13:55:40 -05:00
Bianca Nenciu
1a5a6f66cb
SECURITY: Prevent XSS in local oneboxes (#20009)
Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
2023-01-25 19:17:22 +02:00
Bianca Nenciu
15a2af1c21
SECURITY: Update to exclude tag topic filter (#20007)
Ignores tags specified in exclude_tag topics param that a user does not
have access to.

Co-authored-by: Blake Erickson <o.blakeerickson@gmail.com>
2023-01-25 18:56:28 +02:00
Bianca Nenciu
ecb9aa5dba
SECURITY: only show restricted tag lists to authorized users (#20005)
Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2023-01-25 18:56:00 +02:00
Bianca Nenciu
3c6d938077
SECURITY: Prevent ReDoS in user agent parsing (#20003)
Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2023-01-25 18:55:36 +02:00
Bianca Nenciu
ec4c302708
SECURITY: Prevent ReDOS by making the SSH url regex unambiguous (#20001)
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
2023-01-25 18:55:10 +02:00
Bianca Nenciu
5849c81f1d Revert "FIX: TL4 user can see deleted topics (#19946)"
This reverts commit d725c41d18 which is
a 3.1 feature.
2023-01-25 15:39:38 +02:00
Bianca Nenciu
87b95356f7 SECURITY: Remove bypass for base_url
The check used to be necessary because we validated the referrer too and
this bypass was a workaround a bug that is present in some browsers that
do not send the correct referrer.
2023-01-25 13:53:22 +02:00
Ted Johansson
3e0cc4a5d9 SECURITY: Limit the character count of group membership requests
When creating a group membership request, there is no character
limit on the 'reason' field. This can be potentially be used by
an attacker to create enormous amount of data in the database.
2023-01-25 13:53:07 +02:00
Loïc Guitaut
3dcd0bc544 SECURITY: Limit the length of drafts 2023-01-25 13:52:58 +02:00
Joffrey JAFFEUX
a02af9e6db SECURITY: Limit chat drafts length and preloaded count
Only allow maximum of `50_000` characters for chat drafts. A hidden `max_chat_draft_length` setting can control this limit. A migration is also provided to delete any abusive draft in the database.

The number of drafts loaded on current user has also been limited and ordered by most recent update.

Note that spec files moved are not directly related to the fix.
2023-01-25 13:52:49 +02:00
Aleksey Bogdanov
971f97d03a FIX: text selection breaks opening of links in new tabs (#19867)
When a user checks "Open all external links in a new tab" preference
he expects not to be overruled by unrelated text selections.
Yet if text is selected during a link click the link is followed on
the same tab. This change corrects that.
2023-01-25 13:48:49 +02:00
Martin Brennan
cb6572e940 FIX: Do not add empty use/svg tags in ExcerptParser (#19969)
There was an issue where if hashtag-cooked HTML was sent
to the ExcerptParser without the keep_svg option, we would
end up with empty </use> and </svg> tags on the parts of the
excerpt where the hashtag was, in this case when a post
push notification was sent.

Fixed this, and also added a way to only display a plaintext
version of the hashtag for cases like this via PrettyText#excerpt.
2023-01-25 13:48:49 +02:00
Vinoth Kannan
01b903dc83 FIX: skip email if blank while syncing SSO attributes. (#19939)
Also, return email blank error in `EmailValidator`  when the email is blank.
2023-01-25 13:48:49 +02:00
Krzysztof Kotlarek
1ef2031fae FIX: TL4 user is not redirected to latest when delete topic (#19967)
Continue of https://github.com/discourse/discourse/pull/19766

When TL4 is allowed to delete topic, they should not be redirected to / after that action.
2023-01-25 13:48:49 +02:00
Martin Brennan
dc55e9cdf9 FIX: Do not count deleted post for upload ref security (#19949)
When checking whether an existing upload should be secure
based on upload references, do not count deleted posts, since
there is still a reference attached to them. This can lead to
issues where e.g. an upload is used for a post then later on
a custom emoji.
2023-01-25 13:48:49 +02:00
Joffrey JAFFEUX
7df88e338a FIX: adds negative skidding to popper offset (#19958)
Learn more about skidding here: https://popper.js.org/docs/v2/modifiers/offset/#skidding-1

This change has two goals:
- Fixes an issue when the user had zoomed the viewport and the popper would position on the opposite side
- Makes msg actions arguably more pleasant to the eye by preventing it to be right aligned with the message container
2023-01-25 13:48:49 +02:00
Kris
c13877e71b FIX: data-popper-reference-hidden too broad (#19937) 2023-01-25 13:48:49 +02:00
Jordan Vidrine
5361fa3421 FIX: Fix margin on mini-tag-chooser (#19953) 2023-01-25 13:48:49 +02:00
Joffrey JAFFEUX
482739c171 FIX: prevents msg-actions to show hover text (#19952)
This case was possible in restrained space when the top of the message was not visible in the viewport.
2023-01-25 13:48:49 +02:00
Joffrey JAFFEUX
a0f61f4a25 FIX: generates automatic slug for trashed channels (#19908)
Prior to this fix trashed channels would still prevent a channel with the same slug to be created. This commit generates a new slug on trash and frees the slug for future usage.

The format used for the slug is: `YYYYMMDD-HHMM-OLD_SLUG-deleted` truncated to the max length of a channel name.
2023-01-25 13:48:49 +02:00
Krzysztof Kotlarek
d725c41d18 FIX: TL4 user can see deleted topics (#19946)
New feature that TL4 users can delete/recover topics and post was introduced https://github.com/discourse/discourse/pull/19766

One guardian was missed to ensure that can see deleted topics
2023-01-25 13:48:49 +02:00
Osama Sayegh
20d344b5c6 FIX: Allow modals to scroll on mobile when keyboard is open (#19930)
Meta topic: https://meta.discourse.org/t/android-keyboard-overlaps-text-when-flagging-with-something-else/249687?u=osama

On Android, it's currently not possible to scroll modals that take input from the user (such as the flagging modal) when the keyboard is open which means that the keyboard can cover up part of the modal with no way for the user to see the covered part without closing the keyboard. This commit adds some CSS to make these modals scrollable when the keyboard is open.
2023-01-25 13:48:49 +02:00
Ted Johansson
a95b2f9140 FIX: Don't display staff-only options to non-staff in group member bulk menu (#19907)
In the group member bulk edit menu we are displaying staff-only options
to non-staff. The requests are blocked by the back-end, so there is no
harm other than to the user experience.

Notably the individual user edit menu is correctly filtering out
unavailable options. This change brings the bulk edit menu in line with
that.
2023-01-25 13:48:49 +02:00
Krzysztof Kotlarek
db3f569398 FIX: move min tag setting to tags section in edit category (#19789)
`Minimum number of tags required in a topic` should be in `Tags` panel instead of `Settings`
2023-01-25 13:48:49 +02:00
Krzysztof Kotlarek
023accf6a8 FIX: deleted misconfigured embeddable hosts (#19833)
When EmbeddableHost is configured for a specific category and that category is deleted, then EmbeddableHost should be deleted as well.

In addition, migration was added to fix existing data.
2023-01-25 13:48:49 +02:00
Martin Brennan
de1922e656 FIX: Query UploadReference in UploadSecurity for existing uploads (#19917)
This fixes a longstanding issue for sites with the
secure_uploads setting enabled. What would happen is a scenario
like this, since we did not check all places an upload could be
linked to whenever we used UploadSecurity to check whether an
upload should be secure:

* Upload is created and used for site setting, set to secure: false
  since site setting uploads should not be secure. Let's say favicon
* Favicon for the site is used inside a post in a private category,
  e.g. via a Onebox
* We changed the secure status for the upload to true, since it's been
  used in a private category and we don't check if it's originator
  was a public place
* The site favicon breaks :'(

This was a source of constant consternation. Now, when an upload is _not_
being created, and we are checking if an existing upload should be
secure, we now check to see what the first record in the UploadReference
table is for that upload. If it's something public like a site setting,
then we will never change the upload to `secure`.
2023-01-25 13:48:49 +02:00
Selase Krakani
743d3ea4f3 FIX: Switch email domain site settings type to host_list (#19922)
Specifying wildcard characters which also happen to be regex
meta characters for `auto_approve_email_domains`, `allowed_email_domains`
and `blocked_email_domains` site settings currently breaks email
validation.

This change prevents these characters from being specified for these
site settings. It does this by switching the site setting type
from `list` to `host_list`. The `host_list` validator checks for these
characters.

In addition, this change also improves the site setting descriptions and
introduces a migration to  fix existing records.
2023-01-25 13:48:49 +02:00
Martin Brennan
7a074e6684 FIX: Do not override channel name when category selected (#19920) 2023-01-25 13:48:49 +02:00
Martin Brennan
df30d1fd07 FIX: Enqueue notify_mailing_list_subscribers when post is recovered (#19888)
This commit fixes the following issue:

* User creates a post
* Akismet or some other thing like requiring posts to be approved puts
  the post in the review queue, deleting it
* Admin approves the post
* Email is never sent to mailing list mode subscribers

We intentionally do not enqueue this for every single post when
recovering a topic (i.e. recovering the first post) since the topics
could have a lot of posts with emails already sent, and we don't want
to clog sidekiq with thousands of notify jobs.
2023-01-25 13:48:49 +02:00
Martin Brennan
253e0c8e34 FIX: Change wording from title -> name in channel about page (#19889)
We refer to the channel name rather than title elsewhere
(including the new channel modal), so we should be consistent.
Title is an internal abstraction, since DM channels cannot have
names (currently).

Also change the name field on channel edit to a input type="text"
rather than a textarea, since we don't want a huge input here.
2023-01-25 13:48:49 +02:00
Martin Brennan
566540f034 FIX: New hashtag support for narrative bot advanced narrative (#19875)
The discobot advanced tutorial was failing when the new hashtags
were enabled with enable_experimental_hashtag_autocomplete set
to true, since the CSS selector is different. This commit fixes
the issue and also changes the instructions if this is enabled since
we no longer require the hashtag to not be at the start of the line.

c.f. https://meta.discourse.org/t/it-is-impossible-to-complete-the-hashtag-section-of-the-discobot-advanced-tutorial/251494
2023-01-25 13:48:49 +02:00
Bianca Nenciu
da3b68f9be FIX: Validate tags parameter of TopicQuery (#19830)
Recently, we have seen some errors related to invalid tags value being
passed to TopicQuery.
2023-01-25 13:48:49 +02:00
Martin Brennan
273d0f2f13 FIX: Fix incorrect hashtag setting migration (#19857)
Added in c2013865d7,
this migration was supposed to only turn off the hashtag
setting for existing sites (since that was the old default)
but its doing it for new ones too because we run all migrations
on new sites.

Instead, we should only run this if the first migration was
only just created, meaning its a new site.
2023-01-25 13:48:49 +02:00
Martin Brennan
0d4a27bd96 FIX: Use hashtags in channel archive PMs if available (#19859)
If the enable_experimental_hashtag_autocomplete setting is
enabled, then we should autolink hashtag references to the
archived channels (e.g. #blah::channel) for a nicer UX, and
just show the channel name if not (since doing #channelName
can lead to weird inconsistent results).
2023-01-25 13:48:49 +02:00